搭建一个基于https://www.zuoye.com访问的web网站,网站首页在/www/https/,内容为exercise。
思路:
#思路:准备好https所需要的东西+关闭防火墙及SElinux+创建目录编写网页内容+编写配置文件
https相关的东西:
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# yum -y install mod_ssl
#生成私钥和证书:
[root@localhost ~]# cd /etc/pki/tls/certs/ #配置文件
[root@localhost certs]# openssl genrsa -aes128 2048 > jeff.key #生成私钥
[root@localhost certs]# openssl req -utf8 -new -key jeff.key -x509 -days 700 -out jeff.crt #生成证书
[root@localhost certs]# ll
总用量 12
lrwxrwxrwx. 1 root root 49 6月 17 2021 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx. 1 root root 55 6月 17 2021 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rw-r--r--. 1 root root 1375 11月 14 14:43 jeff.crt
-rw-r--r--. 1 root root 1766 11月 14 14:41 jeff.key
-rw-r--r--. 1 root root 3980 11月 13 20:44 localhost.crt
关闭防火墙及SELinux
[root@localhost certs]# systemctl stop firewalld.service
[root@localhost certs]# setenforce 0
创建目录及编写网页内容
[root@localhost ~]# mkdir -pv /www/https
[root@localhost ~]# echo "exercise" > /www/https/index.html
编写配置文件
[root@localhost ~]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# vim zuoye.conf
<Directory "/www/https">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
<VirtualHost 192.168.76.132:443>
DocumentRoot "/www/https"
ServerName www.zuoye.com
ErrorLog "/var/log/httpd/zuoye_error_log"
CustomLog "/var/log/httpd/zuoye_access_log" common
SSLEngine on
sslcertificatefile /etc/pki/tls/certs/jeff.crt
sslcertificatekeyfile /etc/pki/tls/certs/jeff.key
</VirtualHost>
[root@localhost conf.d]# systemctl restart httpd #重启服务
Windows主机的配置:
#通过域名访问的话,需要去windows主机的C:\Windows\System32\drivers\etc\host
检验: